Unchecked string access in parseNs may yield garbage collection name for commands without collections

XMLWordPrintableJSON

    • Type: Bug
    • Resolution: Done
    • Priority: Major - P3
    • 2.5.2
    • Affects Version/s: None
    • Component/s: None
    • None
    • ALL
    • None
    • 3
    • None
    • None
    • None
    • None
    • None
    • None

      parseNs (and parseNsFullyQualified) expect that the cmdObj provided will have a leading String valued field containing a collection name, so use the unchecked valuestr() method on BSONElement to obtain that value:

      https://github.com/mongodb/mongo/blob/51af8d67570b33fa5d5b4d36b18215535d38dd85/src/mongo/db/commands.cpp#L67

      However, some commands (like a database drop) do not have a collection name.

      The auditing code in this file attempts to use these methods to format audit trail events for all commands. When it does so for commands that have no collection, the result is a collection name formed from whatever data is pointed to by the first element in the cmdObj, interpreted as a C string.

            Assignee:
            Andrew Morrow (Inactive)
            Reporter:
            Andrew Morrow (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: